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Abstract 


An axiomatisation of Hurkens's paradox in dependent type theory is 
given without assuming any impredicative feature of said type theory. 

Hurkens's paradox |j8l is a very economic, though rather hard to understand, 
paradox of the impredicative type theory, described in Section ITTTl whose 
main characteristic is to feature to nested impredicative sorts. Its terseness 
makes it the weapon of choice fo derive inconsisfencies from logical princi¬ 
ple or experimenfal language feafures of your favourife proof assisfanf. Or, 
rafher, embedding U” in some way is fhe weapon of choice, Hurkens's para¬ 
dox serves as a way fo furn fhis info a proof of false. 

If may sound like a fufile game fo play: if you are fhe ideal mafhemafi- 
dan you will never implement inconsistent feature in your proof assisfanf. 
Unforfunafely, you are nof, and deriving confradicfion will happen fo you 
from time to time. Having a tool for fhat may furn ouf fo be of fremendous 
help. As a bonus, fhe inconsisfency of U~ can serve fo derive pofenfially use¬ 
ful principles, such as fhe facf fhaf if fhe principle of excluded middle holds 
in an impredicafive sorf, fhen fypes in fhaf sorf have fhe proof irrelevance 
properly (see Section |2|^. 

The downside in all fhaf is fhaf fhere does nof seem fo be a good way 
fo express, wifhin dependenf t5rpe fheory, fhe exisfence of an impredicafive 
sort. Coquand Igj gave a sufficient condition, albeit much stronger, to derive 
contradictions in a generic way. His proof was based on Girard's lUl paradox 
rafher fhan Hurkens's one (which came ouf fen years lafer). Geuvers ||^ 
lafer gave a proof based more direcfly on Hurkens's one and relying on a 
single impredicafive sorf, buf fhis proof wasn'f very generic. The resulf was 
fhaf Hurkens's proof was included twice in fhe disfribufion of fhe Goq proof 
assisfanf liSj: Geuvers's proof, and a varianf due fo Hugo Herbelin fo prove 
slighfly differenf resulfs. 

This sifuafion is cerfainly unsafisfacfory, as adapting Hurkens's proof for 
every liffle variafion around fhe same fheme is significantly more work than 
describing an encoding of U~. If prevenfs good people from finding perfecfly 
good proof of confradicfions: if isn't fair to assume that everyone is an expert 
in Hurkens's proof. 

As if happens, however, fhere is a perfecfly good axiomatisation of U” 
in your favourife dependenfly fyped proof assisfanf (in acfualify, a sufficienf 
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subsystem). And the corresponding proof of confradicfion is, mutatis mutan¬ 
dis, Geuvers's, where conversion rules are replaced by equalities. 

1 Axiomatic Hurkens's paradox 

The trick, so to speak, of fhe axiomafix presenfafion of U” is generally af- 
fribufed fo Marfin-Lof: a universe is given by an f5q)e U:Type describing fhe 
fypes in fhe universe, and an decoding function EI:U—^Type describing, for 
each fype in U fhe elemenfs of fhaf f5q)es. Sorfs are fo be encoded as such 
universes. Sysfem U~ has fwo of fhese, commonly called large and small, fo- 
gefher wifh rules fo combine fhem. Each of fhese rules fake fhe form of a 
producf formafion rule (see Barendregf's presenfafions of pure type systems, 
formerly known as generalised type systems imillJ Section 5.2]). Insfead of fhe 
usual presenfafion where fhere is a single dependenf producf wifh a number 
of formafion rules, we will have a disfincf dependenf producf - wifh ifs own 
infroducfion rule (A-absfracfion) and elimination rule (application) - for each 
of fhe formafion rule. For each pair A-absfracfion & applicafion, fhere may be 
a / 3 -equivalence rule, modelled as an equalify; only fhe / 3 ‘equivalence rules 
which are effecfively used in fhe proof are axiomafised. 

1.1 Axiomatic U 

The full axiomatic presentation appears below, in Coq S5mtax. It is also part 
of Coq's disfribufion and can be found, af fhe time fhese nofes are being 
written, in fhe file theories/Logic/Hurkens.v. 

Large universe 

Variable U1 : Type. 

Variable Ell : U1 Type. 

The large universe U 1 is closed by dependenf producfs over fypes in U 1 . 
The definition of dependenf producf and A-absfracfion are defined using fhe 
function space of fhe dependent t5rpe theory. Notations are defined for de¬ 
pendenf producf, A-absfracfion and applicafion. As usual, an arrow nofafion 
is used when the dependent product has a constant range. 

Variable Foralll : forall u:Ul, (Ell u Ul) —Ul. 

Notation "'Vi' x : A , B" := (Foralll A (fun x ^ B)). 

Notation "A ' — > 1 ' B" (Foralll A (fun _ ^ B)). 

Variable laml : forall u B, (forall x:Ell u. Ell (B x)) —>■ Ell (Vi x:u, B x). 

Notation "'Ai' x , u" := (laml _(fun x ^ u)). 

Variable appl : forall u B (f:Ell (Vi x:u, B x)) (x:Ell u). Ell (B x). 

Notation "f '-i' x" := (appl_f x). 

Variable betal : forall u B (fdorall x:Ell u. Ell (B x)) x, 

(Ai y, fy) -1 x = fx. 

The large universe U 1 is made impredicative by a dependent product with 
large domain. The standard presentation would use a sort U2, of which Ul 
is a member; fhe dependenf producf would fhen have, as a domain, some 


2 


T:U 2 . This would be unnecessary complexity as U 2 is so restricted that the 
only interesting t5rpe in it would be Ul. So, instead, we simply restrict the 
domain of the product to be U1. 


Variable ForallUl : (UWUl) ^ Ul. 

Notation "'V 2 ' A , F" := (ForallUl (fun A ^ F)). 

Variable lomUl : forall F, (forall A:U1, Ell (F A)) Ell (V 2 A, F A). 

Notation "'A 2 ' x , u" := (lamUl _ (fun x u)). 

Variable appUl : forall F (f:Ell(V 2 A,F A)) (A:U1), Ell (F A). 

Notation "f '-i' [ A ]" := (appUl _ f A). 

Variable betoUl : forall F (fdorall A:U1, Ell (F A)) A, 

(A 2 X, f x) -1 [ A ] = f A. 


Small universe The small universe UO is an element of fhe larger one. There¬ 
fore we need an uO:Ul and UO is faken fo be Ell uO rafher fhan a variable. 

Variable uO : Ul. 

Notation UO := (Ell uO). 

Variable ElO : UO -5- Type. 

The small universe UO is closed by dependent products in UO. The defi¬ 
nitions are symmetric to the corresponding ones of U 1 . Notice, however, the 
lack of d^rule, which is unnecessary to derive a contradiction. 

Variable ForallO : forall u:U0, (ElO u UO) ^ UO. 

Notation "'Vo' x : A , B" := (ForallO A (fun x => B)). 

Notation "A '—s-o' B" := (ForallO A (fun _ B)). 

Variable lamO : forall u B, (forall x:EI0 u, ElO (B x)) ElO (Vq x:u, B x). 

Notation "'Ao' x , u" := (lamO_ (fun x u)). 

Variable appO : forall u B (f:EI0 (Vq x:u, B x)) (x:EI0 u), ElO (B x). 

Notation "f '-o' x" := (appO_f x). 

The small universe UO is made impredicative by a dependent whose range 
is in U 1 . Contrary to the impredicative product of U 1 , the range cannot be 
restricted to be only UO. Here again, the / 3 'rule is not needed. 


Variable ForallUO : forall u:Ul, (Ell u->U0) ^ UO. 

Notation "'Vo^' A : U , F" := (ForallUO U (fun A ^ F)). 

Variable lamUO : forall U F, (forall A:EI1 U, ElO (F A)) ^ ElO (Vq^ A:U, F A). 

Notation "'Ao^' x , u" := (lamUO_ (fun x u)). 

Variable appUO : forall U F (f:EI0(Vo^ A:U,F A)) (A:EI1 U), ElO (F A). 
Notation "f '-o' [ A ]" := (appUO_f A). 


1.2 Proof of contradiction 

From there, we can proceed to use Hurkens's argument to derive a contra¬ 
diction. Let's be precise: we shall prove that every t5rpe in UO is inhabited. It 
will only be an actual contradiction if UO contains the empty t5rpe. For this 
purpose, let's assume a t5rpe in UO, we will then prove it is inhabited. 
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Variable F:UO. 


The proof will require simplifying / 3 -redexes. We provide facfics fo fhaf 
effecf. 


Ltac simplify 

{repeat rewrite ?betol, ?betaUl); 
lazy beto. 

Ltac simplifyjn h := 

{repeat rewrite ?betal, ?betaUl in h); 
lazy beto in h. 

These facfics are rafher brufe-force, in fhat fhey will /^-reduce as much as 
possible wifhouf any particular sfrategy On fhe ofher hand, fhey, crucially, 
don'f unfold Coq definitions so fhat we can give fhem hinfs by manually 
unfolding fhe appropriafe ferms fo be simplified. Allowing fhe simplificafion 
facfics fo unfold Coq definitions furns ouf fo be infracfable. 

If is fradifional fo regard U 1 as fhe type of dafafypes and UO as fhe type of 
proposition. This view is justified by fhe facf fhaf UO is nof equipped wifh ( 3 - 
conversion rules. In fhe proof, following Geuvers |j5j, dafa is explicifly given, 
while propositions are proved wifh facfics. Here are fhe dafa definifions (Tm 
playing a bif loose here, since I consider propositions fo be dafa, fhey are 
according to the above definition at least): 


Definition V : U1 := V 2 A, ((A — :■! uO) — :■! A —uO) —^1 A —uO. 
Definition U : U1 := V —)-i uO. 

Definition sb (z:Ell V) : Ell V := A 2 A, Ai r, Ai a, r -i (z-i[A]-ir) -i a. 

Definition le (i:Ell (U—^luO)) (x:Ell U) : UO := 

X -1 (A 2 A, Ai r, Ai o, i -i (Ai v, (sb v) -i [A] -i r -i a)). 

Definition le' : Ell ((U—:>iuO) — s-i U —>i uO) := Ai i, Ai x, le I x. 
Definition Induct (I:EI1 (U — >-iuO)) : UO := 

Vo^ x:U, le I x —^0 i -i x. 

Definition WF : Ell U := Ai z, (Induct (z-i[U] -i le')). 

Definition I (x:Ell U) : UO := 

(Vo^ i:U—>iuO, le I x —^0 i u (Ai v, (sb v) -i [U] -i le' -i x)) —^0 F 


The proofs follow Geuvers as well. The main difference is fhaf we 
musf explicifly call fo simplify where conversion was used implicitly and that 
standard Coq tactics calls to the intro and apply tactics are generally replaced 
by tactics of the form refine (Aq x, _) and refine (h-o_) respectively. 
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Lemma Omega : ElO (Vq^ i:U—>-iuO, induct i —s-o i -i WF). 

Proof. 

refine (Aq^ i, Ao y, _). 
refine (y-oU-oJ- 
unfoid le,WF,induct. simplify. 
refine (Ao^ x, Ao hO, _). simplify. 
refine (y-oU-oJ- 

unfoid le. simplify, unfoid sb at i. simplify, unfold le' of i. simplify. 
exacf hO. 

Qed. 


Lemma lemma 1 : ElO (induct (Ai u, I u)). 

Proof. 

unfold induct. 

refine (Aq^ x, Ao p, _). simplify. 
refine (Ao q,_). 

assert (ElO (I (Ai v, (sb v)-i[U]-ile'-ix))) as h. 

( generalize (q-o[Ai u, I u]-oP). simplify. 

infras q'. exacf q'. } 
refine (h-o_)- 
refine {Xo^ i,_)- 
refine (Aq h', _). 

generalize (q-o[Ai y, i -i (Ai v, (sb v)-i[U] -i le' -i y)]). simplify. 
Infras q'. 

refine (q'-oj- clear q'. 
unfald le af i in h'. simplifyjn h'. 
unfald sb af i in h'. simplifyjn h'. 
unfald le' af i in h'. simplifyjn h'. 
exacf h'. 

Qed. 


Lemma Iemma2 : ElO ((Vo^i:U—^-lUO, induct i —s-o i-iWF) —s-o F). 

Proof. 

refine (Ao x, _). 
asserf (ElO (I WF)) as h. 

{ generalize (x-o[Ai u, I u]-olemmal). simplify. 
infras q. 
exacf q.} 

refine (h-o_). clear h. 
refine (Aq^ i, Ao hO, _). 

generalize (x-o[Ai y, i-i(Ai v, (sb v)-i[U]-ile'-iy)]). simplify. 
infras q. 

refine (q-o_)- clear q. 
unfald le in hO. simplifyjn hO. 
unfold WF in hO. simplifyjn hO. 
exacf hO. 

Qed. 
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Theorem paradox : ElO F. 

Proof. 

exact (lemma2-oOmega). 

Qed. 

The takeaway insight is that because the paradox does not actually make 
use of the reduction rules in propositions of DO, using equalify fo model 
conversion in fhese proposifions doesn'f raise any obsfacle fo fhe complefion 
of fhe proof. 

Nofhing in fhis proof is parficularly specific fo Coq: if could be done 
in any varianf of Marfin-Lof fype fheory provided fhat an identify t5rpe is 
available. Of course, fhe support of Coq for rewriting significantly helps, if 
your favourife proof assisfanf doesn'f have a similar feafure if may be painful 
fo porf fhis generic paradox. 

2 Applications 

In fhis secfion we will see a few insfances of fhe generic axiomafisation of 
Hurkens's proof can help derive contradicfions. They come from fhe file 
theories/Logic/Hurkens.v of fhe Coq disfribufion (version 8.5). 


2.1 Sorts 

A common implemenfafion of universes is fo use a sorf of fhe dependenf 
fype fheory for a universe of U~. In fhaf case. El is jusf fhe identify 

Variable U Type. 

Let El := fun X ^ X. 

For universes defined fhis way, small producfs and fheir A-absfracfion, 
application and / 3 -rule are defined sfraighfforwardly (eq_refl is Coq's wifness 
of reflexivify of equalify). 


Let Forall (A:U) (B:A ^ U) : U := forall x:A, B x 
Let lam u B (f:forall x:A,B x) := f 
Let app u B (f:forall x:A,B x) (x:A) := f x 
Let beta uBfx:fx = fx:= eq_refl 

2.2 Impredicative sort 

Impredicativity, for a sorf U, can also be characferised to some degree. The 
idea is that there must be a bigger sort U' which can be projected onto U. See, 
for example, fhe brackefing consfruction in |j7j. This projection could be im- 
plemenfed, for insfance, for Coq's impredicafive Prop sorf as fun X:Type ^ forall P:Prop, (X— >P)—s-P. 

The signature of Secfion I 27 T 1 is exfended wifh fhe consfrainf fhat U' is 
bigger than U and a projection. 
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Let U' := Type. 

Let U:U' := Type. 

Variable proj : U' —^ U. 

With the following laws. 

Hypothesis proj_unit: forall (A:U'), A —>• proj A. 

Hypothesis proj_counit: forall (F:U—s-U), proj (forall A,F A) —>• (forall A,F A). 
Hypothesis proj_coherent: forall (F:U —U) (f:forall x:U, F x) (x:U), 
proj_counit _ (proj_unit _ f) x = f x. 

The proj_unit law expresses that if proj generally diminishes fhe abilify fo 
disfinguish befween elemenfs of A:U 2 , if does nof lose elemenfs. We don'f 
have a way back from proj A fo A in general, buf proj forms a monad. The 
proj_unit law expresses a small variafion on fhis latter remark. 

These properties are sufficienf fo show fhaf U is closed by large producf. 
The / 3 -rule, omitted, is easily derived from proj_coherent. 

Let ForallU (F:U—J^U) : U := proj (forall A, F A). 

Let lomUl F (f:forall A:U, F A) : proj(forall A:U, F A):= proj_unit _ f 
Let oppUl F (f:proj(forall A:U, F A)) (A:U) : F A proj_counit _ f x. 

We can exploit Coq's universe polymorphism (form version 8.5) to turn 
this section into a generic definition of impredicative sort. Indeed, under the 
polymorphic interpretation Type represents an arbitrary t5rpe, including the 
impredicative sort Prop, which is indeed impredicative in the above sense. 

2.3 Generalising Geuvers's proof 

Geuvers jgj proves that an impredicative sort U 1 cannot be a retract of an 
U 0 :U 1 . His proof is made for U 1 = Prop, but we can instantiate the proof of 
Section [1] to obtain the same result for any sort which is impredicative sort in 
the sense of Section [2T2I 


Let U 2 := Type. 

LetUl:U2 := Type. 

Variable U0:U1. 

Where U 1 is impredicative over U 2 as in Section I272I The retraction is 
given by the following functions. Only a weak form of retraction is needed 
were t5rpes in U 1 which are "logically equivalent" are considered equal. 

Variable projO : UO —> U1. 

Variable injO : U1 UO. 

Hypothesis injO_unit : forall (b:Ul), b —;■ projO (injO b). 

Hypothesis injO_counit : forall (b:Ul), projO (injO b) —b. 

From this (weak) retraction we can define ElO and corresponding products 
for UO despite the fact that UO is not necessarily a sort. 
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Let ElO (u:UO) := projO u 

Let ForallO (u:U0) (B:projO u —^ UO): UO := injO (forall x:projO u, projO (B x)) 
Let LambdaO u B (ftforall x:projO u, projO (B x)) 

: projO (injO (forall x:projO u, projO (B x))) := injO_unit _ f. 

Let appO forall u B (f:projO (injO (forall x:projO u, projO (B x)))) (x:projO u) 

: projO (B x) := injO_counit _ f x 

Large products are define much the same: 

Let ForallO (u:Ul) (B:u —UO) : UO InjO (forall x:u, projO (B x)) 

Let LambdaO u B (f:forall x:u, projO (B x)) 

: projO (InjO (forall x:u, projO (B x))) := injO_unit _ f. 

Let appO forall u B (f:projO (InjO (forall x:u, projO (B x)))) (x:u) 

: projO (B x) := injO_counit _ f x 

From this, the paradox is set up, so we can deduce that every proposition 
of P:U0 is "inhabited" in that ElO P = projO P is inhabited, and therefore, that 
every proposition of F:U1 is inhabited since InjO F:U0 is "inhabited" in the 
sense of UO, i.e. projO (InjO F) is inhabited, then injO_counit concludes. 

Since Prop is an instance of the signature of Section I 2 T 2 I we prove, like 
Geuvers, that Prop is not a retract of a proposition P:Prop. 

2.4 Excluded middle and proof irrelevance 

Geuvers proof, from Section [2:31 helps proving a result, by Coquand jjqj, that 
excluded middle, in an impredicative sort makes it proof irrelevant, i.e. every 
type in that sort have at most one element. This proof appear in the Coq 
distribution in the file theories/Logic/ClassicalFact.v, presumably written by 
Hugo Herbelin. It uses Geuvers result and was mostly unmodified with the 
new proof of said result. With the characterisation of Section 12721 this could 
be done in an arbitrary impredicative sort, but the Coq proof is done only for 
the impredicative sort Prop, and we will present it that way for simplicity. 
The basic idea is that excluded middle: 

Variable em: forall A:Prop, AV-iA. 

turns the Prop sort into a boolean universe with only two elements. So as¬ 
suming a proposition with two distinct values 

Variable U0:Prop. 

Variables t f: UO. 

Hypothesis not_eq_t_f: t / f. 

we can reflect Prop into UO proposition as in Section [273] Where True is re¬ 
flected as t and False as f, as the names suggest. 

This is formalised as a retraction given by: 

Let InjO (A:Prop) : UO := orjnd A (-lA) UO (fun _ => t) (fun _ => f) (em A). 
Let projO (x:U0) : Prop := t = x. 

Where orJnd:forall A B P : Prop, (A P) — (B — P) A V B — P is the 
elimination principle of disjunction. 
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We are left to prove the unit and counit laws of injO and projO to satisfy 
the premisses of the paradox in Section [ 27 ^ The unit law is direct: 

Lemma injO_unit : forall A:Prop, A —>• projO (injO A). 

Proof. 

Intros A x. unfold projO, injO. 
destrucf (em A) as [h | h]. 

+ reflexivify. 

+ contradiction. 

Qed. 

The counit law is the step that makes a crucial use of the not_eq_t_f h5rpothe- 
sis: 


Lemma injO_counit : forall A:Prop, projO (injO A) —A. 

Proof. 

intros A h. unfold projO, injO in *. 
destrucf (em A) as [I 11]. 

+ apply I. 

+ absurd (t=f). 

* apply not_eq_t_f. 

* apply h. 

Qed. 

Section E3l then yields a contradiction. Since UO is arbitrary we have: 
forall (A: Prop) (x y:A), -'-i(x=y). A last application of the excluded middle 
yields the expected result: 

forall (A: Prop) (x y:A), x=y 

2.5 Variants of Prop 

A (monadic) modality on Prop is given by a mapping: 

Variable M : Prop Prop. 

Together with the following laws: 

Hypothesis unit: forall A:Prop, A -s- M A. 

Hypothesis join : foraii A:Prop, M (M A) —>• M A. 

Hypothesis incr : forall A B:Prop, (A—:>B) —^ M A —M B. 

Such a modality is automatically equipped with a distribution property over 
arbitrary conjunctions: 

Lemma strength: forall A (P:A—:>Prop), M(forall x:A,P x) —forall x:A,M(P x). 

Proof. 

eauto. 

Qed. 

With a modality we can define the t5rpe of modal propositions, where the 
unit law is actually an equivalence (modalities are closure operators, by the 
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join law, so the type of modal propositions is the image of M up fo logical 
equivalence). 

Definition MProp := { P:Prop | M P —P }. 

Despife nof being a sorf, MProp can be seen as a subfype of Prop and, 
fherefore, as a universe in fhe sense of Section iiTTI 

Definition El (P:MProp) : Prop := projl_sig P. 

Because of strength, the MProp universe is closed by products of arbifrary 
fypes. The Program ke5rword makes if possible fo populafe MProp by giving 
fhe proposifion P (first projection) explicifly and discharging fhe proof fhaf 
M P —P fo facfics. 

Program Definition Foroll (A:Type) (F:A->MProp) : MProp := 
forall x:A, El (F x). 

Next Obligation. 

intros A F h X. 

apply strength with (x:=x) in h. 
desfrucf (F x). cbn in *. 
eauto. 

Qed. 

Definitions of producfs, small and large, for MProp follow immedi- 
afely: 

Let Forall 1 (u:MProp) (F:EI u —MProp) : MProp := Forall (El u) F. 

Let ForallUl (F:MProp-^MProp) : MProp := Forall MProp F. 

Because El (Forall A F) = foraii x:A, F, introduction, elimination and / 3 -rules for 
the products are immediate. 

Just like in Section [ 27 ^ a retraction of MProp into a modal proposition 
can be used to trigger Hurkens's paradox. This is an example of instance of 
Hurkens's paradox where neither of the universes are sorts of the system. 

Variable UO:MProp. 

Variable projO : UO MProp. 

Variable InjO : MProp ^ UO. 

Hypothesis injO_unit: forall (A:MProp), El A —El (projO (InjO A)). 

Hypothesis injO_counit: forall (A:MProp), El (projO (InjO A)) —El A. 

Following the the proof of Section [ 27 ^ we conclude from this context that 
every modal proposition is inhabited. This is not necessarily a contradiction, 
as falsity need not be modal. For instance the trivial modality, whose only 
modal proposition in True. 

Definition M (A:Prop) : Prop := True 

A more interesting modality is, for a given X: 

Definition M (A:Prop) : Prop := AVX 

for such a modality exhibiting a retraction into a modal proposition only 
prove -iX: it is always the case that the smallest modal proposition is M False. 
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2.6 Weak excluded middle and proof irrelevance 

In this section we will be concerned with the double-negation modality, whose 
modal propositions are also called negative propositions: 

Definition M (A: Prop) : Prop := -i-iA 

and will use the paradox from Section [275} to prove that the weak principle 
of excluded middle 

Hypothesis wem : foraii A:Prop, -■-lA V -•A. 

entails a weak form of proof irrelevance. This is a new proof I added to 
theories/Logic/ClassicalFact.v and is available from version 8.5. 

Looking closely at wem it becomes clear that it claims decidability of 
exactly the negative propositions. 

Remark wem' : foraii A:MProp, El A V -lEI A. 

The proof, therefore, proceeds just like the proof of Section [2:^ We begin 
by postulating a proposition with two proofs. 

Variable U0:Prop. 

Variables t f: UO. 

Hypothesis not_eq_t_f: t / f. 

Notice that UO is negative, since UO has a proof, in particular ->-100-^00 
holds. So we only need to construct a retraction into UO. The retraction is 
given by injO and projO which are, niutatis mutandis the same as in Section [2:^ 
double negations have to be inserted for propositions which need to be neg¬ 
ative, and proofs of negativity have to be provided when building negative 
propositions. 

Let injO (A: M Prop) : UO := 

orjnd (El A) (^El A) UO (fun _ => t) (fun _ => f) (wem' A). 

Let projO (x:U0) : MProp := 

exist (fun P=>^-iP ^ P) (-'-'(t = x)) (fun h x ^ h (fun k k x)). 

The unit and counit laws follow and we eventually derive a contradiction. 
That is, since U0:Prop is arbitrary a proof that: 

foraii (A: Prop) (x y:A), -'-'(x=y) 

Contrary to to the case of (strong) excluded middle, we cannot eliminate 
this last double-negative. So proof irrelevance doesn't follow from weak ex¬ 
cluded middle. However, this section proves that weak excluded middle is 
incompatible with any sort of proof relevance principle. In particular, in Coq 
lingo, weak excluded middle cannot hold in impredicative Set, that is an 
impredicative sort with strong elimination. 

3 Conclusion 

The axiomatisation of Hurkens's paradox presented in Section [1] is very ver¬ 
satile. It can be used, mostly, to prove that some combination of logical prin¬ 
ciples are incompatible, but also to detect bugs in a dependent-t5rpe-theory 
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implementation. Which is a completely fair and healthy activity if you ask 
fhis aufhor. 

If is, cerfainly an improvemenf over a sifuafion where each paradox 
would need a careful redesign of Hurkens's proof fo fif fhe specific premises. 
In pracfice if meanf fhaf paradoxes were nof derived, because fhe brave 
paradox-finder didn'f have fhe energy or experfise fo franslafe Hurkens's 
paradox. 

As per fhe axiomafisafion ifself. If has fhe pleasanf properfy of requiring 
only a subsef of U“ where fhe "proofs" of "propositions" don'f require 13 - 
rules or any kind of equalify rule. So somefhing was learned. Adapting fhe 
proof fo fhe axiomafisafion doesn'f presenf any new difficulfy, excepf from 
confrolling rewriting a little. If wasn'f discovered before solely by fhe virfue 
of nobody looking. The reader who enjoyed fhis axiomafisafion can celebrafe 
fhe bouf of opfimism which made me look fhe righf way, and fhe nighf I losf 
over if. 
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